[pve-devel] [PATCH docs] pveum: document correct path for ldap/realm credentials
Christoph Heiss
c.heiss at proxmox.com
Fri Mar 28 13:07:25 CET 2025
/etc/pve/priv/realm has been the default path since commit
782b702db ("auth ldap/ad: make password a parameter for the api")
That commit was part of pve-access-control 6.0-7.
Replace /etc/pve/priv/ldap with /etc/pve/priv/realm, to avoid pointing
users to the deprecated path.
It's not used anywhere in our code too, except as (very) old fallback.
Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
---
pveum.adoc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pveum.adoc b/pveum.adoc
index 0cc267e..c5fbd46 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -224,8 +224,8 @@ attribute would be `uid`.
If {pve} needs to authenticate (bind) to the LDAP server before being
able to query and authenticate users, a bind domain name can be
configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
-password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
-(for example, `/etc/pve/priv/ldap/my-ldap.pw`). This file should contain a
+password then has to be stored in `/etc/pve/priv/realm/<realmname>.pw`
+(for example, `/etc/pve/priv/realm/my-ldap.pw`). This file should contain a
single line with the raw password.
To verify certificates, you need to set `capath`. You can set it either
--
2.48.1
More information about the pve-devel
mailing list